Nintendo Switch encryption key derivation bare metal RCM payload
Find a file
2021-07-11 15:23:43 -06:00
bdk 12.1.0 and agnostic support until next key change 2021-07-06 11:14:55 -06:00
loader loader: Trim unneeded data 2021-05-12 17:25:55 -06:00
source keys: Add keyslot access check 2021-07-11 15:23:43 -06:00
tools Implement payload compression 2021-05-12 16:47:06 -06:00
.gitignore Implement payload compression 2021-05-12 16:47:06 -06:00
LICENSE Initial commit 2019-03-04 18:05:42 -05:00
Makefile Implement payload compression 2021-05-12 16:47:06 -06:00
README.md Update readme and copyrights 2020-04-15 17:04:07 -06:00
Versions.inc Bump version to v1.9.3 2021-07-06 11:32:01 -06:00

Lockpick_RCM

Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there is no such limitation.

Usage

  • It is highly recommended, but not required, to place Minerva on SD from the latest Hekate for best performance, especially while dumping titlekeys - the file and path is /bootloader/sys/libsys_minerva.bso
  • Launch Lockpick_RCM.bin using your favorite payload injector or chainloader
  • Upon completion, keys will be saved to /switch/prod.keys and titlekeys to /switch/title.keys on SD
  • If the console has Firmware 7.x or higher, the /sept/ folder from Atmosphère or Kosmos release zip must be present on SD or else only keyblob master key derivation is possible (ie. up to master_key_05 only)

Building

Install devkitARM and run make.

Massive Thanks to CTCaer!

This software is heavily based on Hekate. Beyond that, CTCaer was exceptionally helpful in the development of this project, lending loads of advice, expertise, and humor.

License

This project is under the GPLv2 license. The Save processing module is adapted from hactool code under ISC.